Brand protection

How exposed is your brand?

Enter your brand name and we’ll generate common typo-squat, keyboard slip, character swap, and homoglyph look-alike variant. This is an informative risk map, not an availability checker.

Brand nameTLD

Methodology

How the checker works

NameNotifier generates variant domains through eight deterministic transformations against your input brand. Each transformation targets a distinct attack surface.

Keyboard adjacency
Each character is swapped for its QWERTY neighbors (e.g., 'a' → q/s/w/z). Matches the most common fat-finger path — users typing fast don't verify.
Character omission
Drop one character at a time (e.g., 'stripe' → 'tripe', 'sripe', 'stipe'). Captures dropped-key misspellings.
Doubling
Double any single character (e.g., 'figma' → 'ffigma', 'fiigma'). Catches sticky-key and muscle-memory typos.
Transposition
Swap adjacent characters (e.g., 'notion' → 'ntoion'). One of the highest-rate typo patterns in human input.
Homoglyph substitution
Replace Latin characters with visually identical characters from Cyrillic, Greek, and extended Latin. The 'pаypal.com' class of attack. Most rendering engines make these indistinguishable.
TLD swap
Register the brand under lookalike TLDs (.co / .cm / .om / .net / .biz). The 'missed the period' and 'cousin-TLD' phishing surface.
Hyphenation
Insert a hyphen at each position (e.g., 'vercel' → 'v-ercel', 've-rcel'). Bypasses naive brand filters and creates UX-plausible variants.
Vowel swap
Replace vowels with phonetic neighbors (e.g., 'stripe' → 'strape'/'strope'). Catches accent-mark and language-variant typos.

FAQ

Frequently asked questions.

›What counts as a typo-squat?

A typo-squat is a domain registered under a spelling variation of an established brand that users can reach by fat-fingering the URL bar — adjacent-key slips, character doubling, missing letters, transpositions. We also flag homoglyph attacks (Latin characters swapped for Cyrillic/Greek look-alikes that render identically on most fonts) and hyphenation splits.

›Why check this if I haven't been attacked yet?

Most phishing campaigns use pre-registered typo-squat domains held in a dormant state for months before activation. By the time a campaign runs, the attacker already owns the variants. Monitoring lets you register, UDRP, or at least alert on the domains before they're weaponized against your users.

›Do you check every TLD?

The free checker generates variants for the TLD you select, plus common cousin-TLD swaps where relevant. It does not check availability, ownership, or registration status.

›What's a homoglyph?

A character from one script that looks identical (or near-identical) to a character in another script. The Cyrillic 'а' (U+0430) renders the same as Latin 'a' in most fonts but registers as a different domain. Attackers exploit this to create domains like 'pаypal.com' that visually read as 'paypal.com' but route to a phishing server.

›How many variants does a typical 6-letter brand generate?

200-500, depending on the character composition. Longer brands and brands with vowel-heavy clusters produce more. Homoglyph expansion alone can multiply that by 3-10x when you include all script look-alikes. Treat the output as a review list, not as proof that a domain is registered or available.

Need help?

One support path, real replies.

If the variant list raises a concern, send it through support. That keeps brand questions, billing, bugs, and account help in the same tracked queue.

Open support→